cancel
Showing results for 
Search instead for 
Did you mean: 

Problems with AP320

Problems with AP320

siacloud_netsec
New Contributor II

I have several AP230 APs that act as RADIUS server for WPA2 802.1X authentication (Enterprise) and works OK, but does not work OK on APs AP320.

 

In the APs320, when I try to create the "AAA User Directory" configuration, with the same user that works in the APs 230, I don't join with the APs320.

 

Any idea why?

 

The error message is:

 

The join operation was unsuccessful and has timed out. The Active Directory server might not be reachable.

 

 

Note: Not comunication problem.

1 ACCEPTED SOLUTION

siacloud_netsec
New Contributor II

Hi,

 

I solved the problem. The problem was in NTP synchronization with DC. This caused a kerberos problem.

 

Regards.

View solution in original post

4 REPLIES 4

siacloud_netsec
New Contributor II

Hi,

 

I solved the problem. The problem was in NTP synchronization with DC. This caused a kerberos problem.

 

Regards.

siacloud_netsec
New Contributor II

hello,

 

we have continued to investigate. Now, the error is other: "The Aerohive RADIUS server was unable to join the Active Directory domain because its account was not found in the database, causing the login attempt to fail."

 

In capture traffic in DC, I have seen a Kerberos error: error-code: eRR-C-PRINCIPAL-UNKNOWN (6)

 

I use the same user in other APs.

 

In Windows event viewer, I don't finde any related event.

 

Any idea?

 

Thanks you so much.

siacloud_netsec
New Contributor II

Hi,

 

Thanks for you answer.

 

I don't management AD, but I will try to get AD logs. I have seen with Wireshark that the traffic is received (and answered) in DC.

 

Regards

samantha_lynn
Esteemed Contributor III

Do you see the join request logged in your Active Directory logs? Are there any errors or does it say the join request was successful?

GTM-P2G8KFN